Application of Block Chain Technology in Constructing Network Threat Intelligence System

At present, the threat situation in cyberspace is increasingly serious, and there are many attack methods in cyberspace. It is urgent to build a healthy and efficient cyber threat intelligence ecosystem. At the same time, strengthening cooperation and mutual assistance among information systems and creating a widely shared and fully interconnected information-sharing environment can maximize the value of threat intelligence and improve the threat detection and emergency response capabilities of all parties. However, many researchers and organizations collect intelligence in their own way, which easily forms information islands and limits the active flow of information among organizations. In recent years, block chain has attracted extensive attention in the field of distributed records and immutable transactions. In this paper, a network threat intelligence sharing platform is built on the characteristics of block chain technology. Our experiments show that the proposed block chain-based network threat intelligence system can collect more diversified and larger quantities of network data while ensuring security and privacy, and improves the efficiency of sharing network threat intelligence data across organizations.
